Cloud Application Web

DAVID MROCZEK

Monroe Township, New Jersey

Phone: 908-***-**** Email: ad8pbe@r.postjobfree.com

SUMMARY

Passionate and solutions-driven Cybersecurity student with a passion for pentesting with a certificate from Rutger University. Experience in Linux/Powershell utilizing a combination of strong communication, collaboration, problem-solving, and analytical skills. Ability to work in a fast-paced and diverse team environment developing solutions and exceeding expectations. TECHNICAL SKILLS

Softwares/Platforms: BurpSuite, Nessus, Snort, Wireshark, Aircrack-NG, John The Ripper, Security Onion, Azure, Linux, Windows

Software Languages: C, Bash, SQL, Python (Basics), PowerShell PROJECTS

Securing Cloud Apps Link to GitHub https://github.com/davidrmro/Project-1-Cloud-Apps

● Build a secured, protected cloud application that hosts your own cyber blog.

● Create VM’s, Security Groups, Virtual net using Azure services.

● Powershell, Bash, and Ansible to create containers to run the cloud Exploit Vulnerabilities in Rekall Corporation's Web Application, Linux Servers, and Windows Servers

● Exploit vulnerabilities on a VM system using Kali Linux and find ways to penetrate through the system using tools like Nmap for port scanning

● Using msfconsole connect to the VM and exploit directories in order to find user accounts and use John the Ripper for password hashing.

● Explain mitigations in a report in order to strengthen the security on the system.

● Understand Red and Blue team processes and mitigations RELEVANT EXPERIENCE

Cybersecurity Student Rutgers University Full Time 2023-2024

Key Accomplishments:

● Configuring and updating Microsoft Defender

● Enabling and configuring Microsoft Firewall

● Security Policy Development and Implementation

● Utilize tcpdump to capture and analyze TCP traffic

● Installed Wireshark on Ubuntu

● Utilize Wireshark to an analyze HTTP/S and RDP traffic

● Running a CTF event using Wireshark

● Using tar to create backups for data

● SQL Database

● Scripting using Nano

● Incident Response Plan Development

● Making Virtual Machines in Azure

● Creating Virtual Security Groups

● Creating Inbound and Outbound rules

● Create a Load Balancer for traffic

● Using Burpsuite to monitor

● Using Nessus to monitor network activity

● Using Nmap for port scanning into another machine

● Using Metasploit to perform exploitables

● Using Hack The Box for pentesting machines

● Presenting a project to the class based on pen-testing

● Security Audit and Compliance

● Red Team/Blue Team Exercises

Team Leader Wegman’s Food Markets Full Time

2015-2023

Worked in many departments over my 8 years with this company and moved up over the years through an internship with them.

Key Accomplishments:

● Through the internship, I was able to generate over $15,000 in sales in a produce category

● Able to manage and delegate tasks to a team to accomplish business goals

● Write emails and use excel and other tools to write up data and explanations for sales.

● Use various tools on Windows to generate data for sales and inventory through searching Customer Service Supervisor Wawa Full Time

2023-Present

This role gives me great team leadership skills and how to work as a team. This job also has given me building relationships skills in order to make a great work environment for my co-workers

Key Accomplishments:

● Use tools on Windows to generate data and minimize shrink in various areas

● Write emails for explanations on issues within the company

● Participated in a phishing email campaign and was able to notice that there was a phishing email sent an email area manager about it.

● Use tools such as password manager in order to change an associates password so they can log in.

EDUCATION

Program Certificate: Rutger University [Graduated (May 13th, 2024)] The course includes a total of 240 contact hours for a total of 24 continuing education units. Earning Criteria

-- Network Security: For their first project, students are tasked to collaborate in small groups to build, secure, and protect a cloud application that hosts their own cyber blog. This project results in tangible deliverables that demonstrate knowledge of cloud, cloud security, networking, web development, cryptography, and network security. Students prepare a professional presentation where they demonstrate interview skills by speaking technically about different project features while also explaining the development process.

-- Defensive Security: For this project, students work in groups to design a custom monitoring environment to protect a fictional organization. Students use Splunk to research and design a monitoring solution for their fictional organization, then determine whether that monitoring solution will protect their organization from several simulated attacks. Once completed, students showcase their defensive projects with professional presentations.

-- Offensive Security: Students work in teams to attack a fictional organization and determine its vulnerabilities. First, students attempt to exploit vulnerabilities on the organization's web application. Next, students attempt to exploit the organization's Linux and Windows servers in turn. The project is structured as a Capture the Flag (CTF) style competition, so that each vulnerability that students exploit correlates with a "flag," and flags are worth various point amounts depending on the difficulty level of the exploit.

-- Test Prep and Final Projects: The program culminates with a focus on certification preparation for Security+ and CEH exams. Learners also engage in a final group research project that showcases the skills they've learned in this class. On the final day of class, they give professional presentations of their work at the cyber class conference, bootCon.

Contact this candidate